<?php

namespace App\Http\Middleware;

use Closure;
use Session;
use Redirect;
use App\Model\User;
use App\Model\Permission;

class AdminAuthCheck
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
    {   
        /*if (isset($_SERVER['HTTP_VIA'])) return true;    
        if (isset($_SERVER['HTTP_X_NOKIA_CONNECTION_MODE'])) return true;    
        if (isset($_SERVER['HTTP_X_UP_CALLING_LINE_ID'])) return true;    
        if (strpos(strtoupper($_SERVER['HTTP_ACCEPT']), "VND.WAP.WML") > 0) {   
            $br = "WML";    
        } else {        
            $browser = isset($_SERVER['HTTP_USER_AGENT']) ? trim($_SERVER['HTTP_USER_AGENT']) : '';        
            if (empty($browser)) return true;        
            $clientkeywords = array('nokia','sony','ericsson','mot','samsung','htc','sgh','lg','sharp','sie-','philips','panasonic','alcatel','lenovo','iphone','ipod',
                'blackberry','meizu', 'android', 'netfront', 'symbian', 'ucweb', 'windowsce', 'palm', 'operamini', 'operamobi', 'opera mobi', 'openwave','nexusone','cldc',
                'midp','wap','mobile'); 
            if (preg_match("/(" . implode('|', $clientkeywords) . ")/i", $browser) && strpos($browser, 'ipad') === false) {
                $br = "WML";
            } else {
                $br = "HTML"; 
            }    
        }    
        if ($br == "WML") {        
            echo '<script>parent.location.href = "/404";</script>';
        } else {
            $cip='unkndown';
            if($_SERVER['REMOTE_ADDR']){
                $cip=$_SERVER['REMOTE_ADDR'];
            }elseif(getenv('REMOTE_ADDR')){
                $cip=getenv('REMOTE_ADDR');
            }
            if($cip == '172.25.0.100' || $cip == '123.116.99.8' || $cip == '113.208.117.250' || $cip == '172.25.0.6'){*/
                if (!$request->session()->has('adminuser'))
                {
                    if(!$request->is('admin/login')){
                        echo '<script>parent.location.href = "/admin/login";</script>';
                        exit;
                    }
                }else{
                    $isajax = $request->ajax();
                    //获取当前要访问的路由对应的控制器@方法
                    $getinfo = $request->route()->getAction();
                   $controller_action = '::::::'.str_replace($getinfo['namespace'].'\\','',$getinfo['controller']).'::::::';

                    $info = Session::get('adminuser');
                    $userinfo = User::where('user_id',$info['user_id'])->first();

                    $basic_permission_arr = Permission::where('permission_status',0)->pluck('controller_action');
                    $basic_permission = implode('::::::',$basic_permission_arr->toArray());
                    $all_permission = '::::::'.$basic_permission.'::::::'.$userinfo->user_permission.'::::::';

                    if($info['user_id']!=1 && strpos($all_permission,$controller_action) === false){
                        if($isajax){
                            $jsonData = ['status'  => '0','message' => '权限不足，请联系超级管理员'];
                            return response()->json($jsonData);
                        }else{
                            echo '<script>parent.location.href = "/admin/nopermission";</script>';
                            //return Redirect::to('/admin/nopermission');
                        }
                    }
                }
            /*}else{
                echo '<script>parent.location.href = "/404";</script>';
            }
        }*/
        return $next($request);
    }
}